<?php
/**
 * @Author: Administrator
 * @Date:   2014-10-29 23:31:39
 * @Last Modified by:   WHK
 * @Last Modified time: 2014-12-15 14:50:45
 */
// define("TOKEN", "jerry"); //token设置
// define("APPID", "xxxxxxxxxxxxxxxxxx");
// define("SECRET", "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx");
//define("TOKEN", "jerry");//微信的TOKEN 

class WechatControl extends CommonControl
{
	
	public function index(){
    // echo "string";
    // echo TOKEN;
		if(!empty($_GET['echostr'])){  
	          
	        $this->valid();
	          
		    }else{  
		          
		        $this->responseMsg();  
		    }  
	      
	    exit;  
	}
	/** 
         * 绑定url、token信息 
         */  
        public function valid(){  
            $echoStr = $_GET["echostr"];  
            if ($this->checkSignature()) {  
                echo $echoStr;  
            }  
            exit();  
        }  
/** 
         * 检查签名，确保请求是从微信发过来的 
         */  
        private function checkSignature()  
        {  
        // you must define TOKEN by yourself
        if (!defined("TOKEN")) {
            throw new Exception('TOKEN is not defined!');
        }
        
        $signature = $_GET["signature"];
        $timestamp = $_GET["timestamp"];
        $nonce = $_GET["nonce"];
        		
		$token = TOKEN;
		$tmpArr = array($token, $timestamp, $nonce);
        // use SORT_STRING rule
		sort($tmpArr, SORT_STRING);
		$tmpStr = implode( $tmpArr );
		$tmpStr = sha1( $tmpStr );
		
		if( $tmpStr == $signature ){
			return true;
		}else{
			return false;
		}
       } 
		 /** 
         * 接收消息，并自动发送响应信息 
         */  
     public function responseMsg()
    {
		//get post data, May be due to the different environments
		$postStr = $GLOBALS["HTTP_RAW_POST_DATA"];

      	//extract post data
		if (!empty($postStr)){
                /* libxml_disable_entity_loader is to prevent XML eXternal Entity Injection,
                   the best way is to check the validity of xml by yourself */
                libxml_disable_entity_loader(true);
              	$postObj = simplexml_load_string($postStr, 'SimpleXMLElement', LIBXML_NOCDATA);
                $fromUsername = $postObj->FromUserName;
                $toUsername = $postObj->ToUserName;
                $keyword = trim($postObj->Content);
                $time = time();
                $textTpl = "<xml>
							<ToUserName><![CDATA[%s]]></ToUserName>
							<FromUserName><![CDATA[%s]]></FromUserName>
							<CreateTime>%s</CreateTime>
							<MsgType><![CDATA[%s]]></MsgType>
							<Content><![CDATA[%s]]></Content>
							<FuncFlag>0</FuncFlag>
							</xml>";             
				if(!empty( $keyword ))
                {
              		$msgType = "text";
                	$contentStr = "Welcome to wechat world!";
                	$resultStr = sprintf($textTpl, $fromUsername, $toUsername, $time, $msgType, $contentStr);
                	echo $resultStr;
                }else{
                	echo "Input something...";
                }

        }else {
        	echo "";
        	exit;
        }
    }

}


